Mercurial > hg > nginx
comparison src/http/ngx_http_core_module.c @ 7848:1bde031b59ff
Location header escaping in redirects (ticket #882).
The header is escaped in redirects based on request URI or
location name (auto redirect).
| author | Ruslan Ermilov <ru@nginx.com> |
|---|---|
| date | Mon, 24 May 2021 21:55:20 +0300 |
| parents | bdd4d89370a7 |
| children | e3dbd9449b14 d514f88053e5 |
comparison
equal
deleted
inserted
replaced
| 7847:1336a33cff33 | 7848:1bde031b59ff |
|---|---|
| 1008 | 1008 |
| 1009 r->headers_out.location->hash = 1; | 1009 r->headers_out.location->hash = 1; |
| 1010 ngx_str_set(&r->headers_out.location->key, "Location"); | 1010 ngx_str_set(&r->headers_out.location->key, "Location"); |
| 1011 | 1011 |
| 1012 if (r->args.len == 0) { | 1012 if (r->args.len == 0) { |
| 1013 r->headers_out.location->value = clcf->name; | 1013 r->headers_out.location->value = clcf->escaped_name; |
| 1014 | 1014 |
| 1015 } else { | 1015 } else { |
| 1016 len = clcf->name.len + 1 + r->args.len; | 1016 len = clcf->escaped_name.len + 1 + r->args.len; |
| 1017 p = ngx_pnalloc(r->pool, len); | 1017 p = ngx_pnalloc(r->pool, len); |
| 1018 | 1018 |
| 1019 if (p == NULL) { | 1019 if (p == NULL) { |
| 1020 ngx_http_clear_location(r); | 1020 ngx_http_clear_location(r); |
| 1021 ngx_http_finalize_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR); | 1021 ngx_http_finalize_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR); |
| 1023 } | 1023 } |
| 1024 | 1024 |
| 1025 r->headers_out.location->value.len = len; | 1025 r->headers_out.location->value.len = len; |
| 1026 r->headers_out.location->value.data = p; | 1026 r->headers_out.location->value.data = p; |
| 1027 | 1027 |
| 1028 p = ngx_cpymem(p, clcf->name.data, clcf->name.len); | 1028 p = ngx_cpymem(p, clcf->escaped_name.data, clcf->escaped_name.len); |
| 1029 *p++ = '?'; | 1029 *p++ = '?'; |
| 1030 ngx_memcpy(p, r->args.data, r->args.len); | 1030 ngx_memcpy(p, r->args.data, r->args.len); |
| 1031 } | 1031 } |
| 1032 | 1032 |
| 1033 ngx_http_finalize_request(r, NGX_HTTP_MOVED_PERMANENTLY); | 1033 ngx_http_finalize_request(r, NGX_HTTP_MOVED_PERMANENTLY); |
| 3465 } | 3465 } |
| 3466 | 3466 |
| 3467 /* | 3467 /* |
| 3468 * set by ngx_pcalloc(): | 3468 * set by ngx_pcalloc(): |
| 3469 * | 3469 * |
| 3470 * clcf->escaped_name = { 0, NULL }; | |
| 3470 * clcf->root = { 0, NULL }; | 3471 * clcf->root = { 0, NULL }; |
| 3471 * clcf->limit_except = 0; | 3472 * clcf->limit_except = 0; |
| 3472 * clcf->post_action = { 0, NULL }; | 3473 * clcf->post_action = { 0, NULL }; |
| 3473 * clcf->types = NULL; | 3474 * clcf->types = NULL; |
| 3474 * clcf->default_type = { 0, NULL }; | 3475 * clcf->default_type = { 0, NULL }; |